October 29, 2025 | 6 min read | Category: Threat Intelligence
A now-patched Google Chrome zero-day, CVE-2025-2783 (CVSS 8.3), was used in a targeted espionage campaign that delivered tools from Italian surveillance vendor Memento Labs, according to multiple independent analyses. The operation, tracked by Kaspersky as Operation ForumTroll and by other firms as TaxOff/Team 46, Dante APT, and Prosperous Werewolf, sent personalized, short-lived phishing links that invited recipients to the Primakov Readings forum. Simply opening those links in Chrome or a Chromium-based browser on Windows was enough to trigger a sandbox escape and install a loader that deployed a previously undocumented spyware dubbed LeetAgent.
Google addressed CVE-2025-2783 in March 2025. The flaw enabled code execution outside Chrome's sandbox, with technical roots in the browser's IPC subsystem on Windows. The exploit chain let attackers pivot from a web page to running native code, bypassing one of the browser's most important containment barriers. Kaspersky's telemetry places the start of the activity no later than early 2024, with a heavy focus on entities in Russia and Belarus, including media outlets, universities, research institutes, government bodies, and financial organizations. This was a selective operation, not broad spam.
Who is Memento Labs, and what was delivered
Memento Labs, based in Milan and also stylized as mem3nt0, emerged in 2019 from the merger of InTheCyber Group and Hacking Team. Hacking Team's past includes selling intrusion and surveillance tooling to governments and law enforcement and suffering a major breach in 2015 that exposed internal exploits and frameworks. In the current campaign, the delivered payload was LeetAgent, a modular Windows implant with a command set that covers remote command execution, process management, file read/write, code injection, dynamic configuration, task control, and a job mechanism for keylogging and staged file theft focused on office documents. The malware communicates over HTTPS and can run additional components in memory.
Kaspersky also found links between this toolkit and a more advanced spyware family known as Dante, seen in activity since 2022 and positioned as a successor to earlier "RCS" implants from the Hacking Team era. In some incidents, LeetAgent handed off to Dante, and researchers noted overlapping persistence methods (including COM hijacking), similar file paths, and shared code in loader stages: strong signals of a shared actor or toolset. Separately, Positive Technologies reported use of the same Chrome vulnerability by a cluster it calls TaxOff to deploy a backdoor named Trinper, further indicating multiple operations anchored around the same sandbox-bypass primitive.
Memento Labs' response and attribution nuances
Following publication of the research, Memento Labs' CEO confirmed the spyware belonged to the company and attributed its exposure to a government customer using an outdated Windows build, while asserting the firm has shifted toward mobile-focused tooling and requested customers stop using the Windows malware. Those statements underscore the recurring tension around commercial surveillance tech: tools marketed to official clients can leak, proliferate, or be misused, and their existence increases the incentive to hunt for and weaponize browser and OS zero-days.
How the attack flowed
The lure began with a validator script on the malicious site that checked the visitor's environment, then triggered the CVE-2025-2783 sandbox escape in supported browser versions. Once outside the sandbox, a loader established persistence and launched LeetAgent, which reached out to a command-and-control server for tasking. The use of short-lived, personalized links reduced the usefulness of sharing URLs between defenders and complicated retrospective detection. Infrastructure and staging artifacts suggest careful operational security and language familiarity with the targets, even if some errors pointed away from native fluency.
What to do now
Make sure Chrome and any Chromium-based browsers (Edge, Brave, Opera, Vivaldi) are fully updated across your fleet. In managed environments, enforce minimum browser versions and monitor for drift; don't rely solely on user-initiated auto-update. Patch Windows hosts alongside browser updates to close privilege-escalation and persistence angles that often follow sandbox escapes.
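The drift check above is easy to get wrong when version strings are compared as text ("99" sorts after "134"). The following is an added example, not code from the article or from any vendor: it parses a constructed inventory export (host, browser, version) and reports every row below a per-browser minimum. The minimum versions in MINIMUMS are placeholders; substitute the fixed builds from the Chrome and Edge advisories for the CVE you are tracking. Rows whose version cannot be parsed are reported as drift, because an unknown version cannot be shown to be patched.

```python
import re
from typing import Dict, Iterable, List, Tuple

Version = Tuple[int, ...]

# Placeholders only: replace with the fixed builds named in the vendor advisories.
# Brave, Opera and Vivaldi report their own version schemes and need their own entries.
MINIMUMS: Dict[str, str] = {
    "chrome": "134.0.0.0",
    "edge": "134.0.0.0",
}

# Constructed sample rows, in the shape of an endpoint-management CSV export.
SAMPLE_INVENTORY = """
# host,browser,version
ws-001,Chrome,133.0.6943.141
ws-002,Chrome,134.0.6998.89
ws-003,Edge,133.0.3065.92
ws-004,Chrome,unknown
ws-005,Brave,1.76.80
"""


def parse_version(text: str) -> Version:
    """Turn a dotted Chromium-style version ("134.0.6998.89") into a tuple of ints.

    Anything other than digits and dots raises ValueError so a malformed row
    fails loudly instead of silently comparing as a string.
    """
    text = text.strip()
    if not re.fullmatch(r"\d+(\.\d+)*", text):
        raise ValueError(f"unparseable version: {text!r}")
    return tuple(int(part) for part in text.split("."))


def is_below(installed: str, minimum: str) -> bool:
    """True when installed < minimum, comparing each component as an integer.

    Shorter tuples are zero-padded so "134.0" and "134.0.0.0" compare equal.
    """
    a, b = parse_version(installed), parse_version(minimum)
    width = max(len(a), len(b))
    a += (0,) * (width - len(a))
    b += (0,) * (width - len(b))
    return a < b


def find_drift(inventory: Iterable[str], minimums: Dict[str, str]) -> List[Tuple[str, str, str]]:
    """Return (host, browser, version) for every row below its browser's minimum.

    Browsers with no entry in `minimums` are skipped; unparseable versions count as drift.
    """
    drift: List[Tuple[str, str, str]] = []
    for line in inventory:
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        host, browser, version = (field.strip() for field in line.split(","))
        key = browser.lower()
        if key not in minimums:
            continue
        try:
            below = is_below(version, minimums[key])
        except ValueError:
            below = True
        if below:
            drift.append((host, browser, version))
    return drift


if __name__ == "__main__":
    for host, browser, version in find_drift(SAMPLE_INVENTORY.splitlines(), MINIMUMS):
        print(f"{host}: {browser} {version} is below the required minimum")
```

Run it against a real export on a schedule and alert on any non-empty result; the hosts it names are the ones where auto-update has not closed the window the article describes.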
Harden browsing for high-risk users. Place journalists, researchers, diplomats, and executives behind enhanced protections: isolate browsers in VMs or sandboxes, require hardware-backed authentication, and restrict execution of unknown binaries. Consider application allowlisting and constrained user privileges on endpoints where feasible.
Turn phishing-resistant habits into defaults. Train teams to treat personalized event invites and short-lived links with caution. Where possible, open untrusted links in isolated sessions and block automatic preview/URL "linkification" in messaging tools for sensitive groups.
Hunt for signs of post-exploitation. Look for unusual persistence such as COM hijacking entries, suspicious DLLs or scripts under user profile paths, and newly created tasks/services tied to browser processes. Review egress for anomalous HTTPS beacons to previously unseen hosts and inspect font or other resource files that might carry embedded configuration. If you suspect compromise, isolate affected endpoints, preserve forensic data, rotate credentials, and rebuild from known-good images.
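One concrete way to hunt for the COM hijacking persistence mentioned above is to watch registry value-set events for per-user CLSID server registrations that point into user-writable paths. The code below is an added example, not from the article or from any of the vendors named in it. It parses constructed Sysmon-style Event ID 13 (RegistryEvent value set) lines in a compact key=value form and flags any HKCU or HKU\<SID> CLSID InprocServer32/LocalServer32 value whose server path lives under a user profile or %APPDATA%-style location. The CLSIDs, SIDs and paths in the sample are constructed; HKLM registrations are deliberately ignored because they require admin rights and are better covered by ordinary software-install monitoring.

```python
import re
from typing import Dict, Iterable, List, Optional

# Per-user COM registration: HKCU or HKU\<SID>\Software\Classes\CLSID\{GUID}\InprocServer32|LocalServer32
COM_KEY_RE = re.compile(
    r"^HK(?:CU|U\\S-1-5-21-[\d-]+)\\Software\\Classes\\CLSID\\"
    r"(\{[0-9A-F-]{36}\})\\(InprocServer32|LocalServer32)",
    re.IGNORECASE,
)

# Locations a standard user can write to without elevation.
USER_WRITABLE_RE = re.compile(
    r"^(?:%(?:LOCAL)?APPDATA%|%USERPROFILE%|%TEMP%|%TMP%|[A-Z]:\\Users\\[^\\]+)\\",
    re.IGNORECASE,
)

# Constructed sample events (Sysmon-style, flattened to key=value); GUIDs and SIDs are made up.
SAMPLE_EVENTS = r"""
EventID=13 Image=C:\Windows\System32\reg.exe TargetObject=HKU\S-1-5-21-1111-2222-3333-1001\Software\Classes\CLSID\{11111111-2222-3333-4444-555555555555}\InprocServer32\(Default) Details=C:\Users\alice\AppData\Local\Temp\upd.dll
EventID=13 Image=C:\Windows\System32\msiexec.exe TargetObject=HKLM\SOFTWARE\Classes\CLSID\{11111111-2222-3333-4444-555555555555}\InprocServer32\(Default) Details=C:\Program Files\Vendor\vendor.dll
EventID=13 Image=C:\Windows\explorer.exe TargetObject=HKU\S-1-5-21-1111-2222-3333-1001\Software\Classes\CLSID\{AAAAAAAA-BBBB-CCCC-DDDD-EEEEEEEEEEEE}\LocalServer32\(Default) Details="%LOCALAPPDATA%\Microsoft\cache.exe" -embedding
EventID=13 Image=C:\Windows\explorer.exe TargetObject=HKU\S-1-5-21-1111-2222-3333-1001\Software\Microsoft\Windows\CurrentVersion\Run\Updater Details=C:\Users\alice\AppData\Roaming\upd.exe
EventID=1 Image=C:\Program Files\Google\Chrome\Application\chrome.exe CommandLine=chrome.exe --type=renderer
"""


def parse_event(line: str) -> Dict[str, str]:
    """Parse one compact key=value line into a dict.

    A value runs until the next ' Key=' token, so paths containing spaces survive.
    A value that itself contains ' Word=' would be cut short; real deployments should
    read the XML or JSON event instead of a flattened line.
    """
    return {
        m.group(1): m.group(2).strip()
        for m in re.finditer(r"(\w+)=(.*?)(?=\s+\w+=|$)", line)
    }


def check_com_hijack(event: Dict[str, str]) -> Optional[str]:
    """Return a finding when a per-user CLSID server value points at a user-writable path, else None."""
    if event.get("EventID") != "13":
        return None
    key_match = COM_KEY_RE.match(event.get("TargetObject", ""))
    if not key_match:
        return None
    # Drop a leading quote and any trailing arguments so "C:\x\y.exe" -embedding yields the binary path.
    path = event.get("Details", "").lstrip('"').split('"')[0]
    if not USER_WRITABLE_RE.match(path):
        return None
    clsid, server_type = key_match.groups()
    return (f"possible COM hijack: {clsid} {server_type} -> {path} "
            f"(written by {event.get('Image', '?')})")


def hunt(lines: Iterable[str]) -> List[str]:
    """Run the COM hijack check over a stream of event lines and collect findings."""
    findings: List[str] = []
    for line in lines:
        line = line.strip()
        if not line:
            continue
        finding = check_com_hijack(parse_event(line))
        if finding:
            findings.append(finding)
    return findings


if __name__ == "__main__":
    for finding in hunt(SAMPLE_EVENTS.splitlines()):
        print(finding)
```

Two of the five sample lines should surface: the InprocServer32 DLL under the user's Temp directory and the LocalServer32 executable under %LOCALAPPDATA%. The HKLM registration, the plain Run key, and the process-creation event are correctly left alone; the Run key is worth its own rule, but it is a different persistence technique from the one the article attributes to this toolset.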
The bigger picture
This campaign illustrates three persistent truths in defensive security. First, high-value actors will burn zero-days against carefully chosen targets, especially when the payoff includes durable access via commercial spyware. Second, a browser sandbox is necessary but not sufficient; layered endpoint controls and rapid patch pipelines are essential. Third, the continued availability of commercial intrusion frameworks lowers the barrier for governments and contractors to run sophisticated operations, and expands the ecosystem of tools that can leak or be repurposed.
For most organizations, the immediate risk from this specific activity is low if you maintain current browser versions and strong endpoint hygiene. But the pattern (phishing, then browser exploit, then post-exploitation framework) remains a staple across geographies and sectors. Closing the window from patch release to fleet-wide adoption, isolating risky browsing, and instrumenting your endpoints for both prevention and detection are the most reliable ways to blunt similar campaigns.
Written by: Logan Elliott
Cyberix
https://cyberixsafe.com
